Presentation is loading. Please wait.

Presentation is loading. Please wait.

Parsing and Validating Text Input file opening and closing fprintf, fscanf and sscanf fgets and fputs fgetc and putc Parsing a Token Delimited Input Record.

Published byEarl Lambert Modified over 8 years ago

Similar presentations

Presentation on theme: "Parsing and Validating Text Input file opening and closing fprintf, fscanf and sscanf fgets and fputs fgetc and putc Parsing a Token Delimited Input Record."— Presentation transcript:

1 Parsing and Validating Text Input file opening and closing fprintf, fscanf and sscanf fgets and fputs fgetc and putc Parsing a Token Delimited Input Record Example Program using strtok Input Validation Approaches Checking for safe or dangerous input

2 file opening and closing Except for stdin, stdout and stderr, files have to be opened before reading or writing. fopen() opens a file and returns a filehandle or NULL on error. fclose() closes a filehandle. Example 1: #include #define IN "master.txt" #define OUT "backup.txt"

3 Example 1 continued

4 fprintf and fscanf fscanf() and fprintf() work in the same way as printf and scanf, the difference being the extra first filehandle parameter is used to direct input/output to/from an opened file. fscanf() has no inbuilt protection against buffer overflows, or data in the input file being incompatible with the data wanted. It stops reading a field on encountering whitespace. What if the field contains spaces, tabs or newlines ?

5 sscanf With sscanf() the first parameter is the string it reads and converts. This can be useful if the string has been validated e.g. as a number, and string fields don't contain embedded whitespace. fscanf(stdin, args... ) is the same as scanf( args... ). fprintf(stdout, args... ) is the same as printf( args... ). sscanf(string, args... ) like fscanf but scans and parses string instead of file.

6 fgets and fputs fgets() reads a line of data from a file up to and including the newline character: '\n' into a string and then appends the string terminator character: '\0' after the newline. fgets() returns the value NULL (not EOF !) when attempting to read beyond the end of file. fgets() requires: * the name of the string ( or any other pointer giving the address at which it starts), * the maximum number of characters to read - 1 (to leave room for the '\0' end of string marker)‏ * and the filehandle as parameters. fputs() writes a string to a file such that fputs(string,out) is the equivalent of fprintf(out,"%s",string).

7 fgets continued The fgets() function is particularly useful for robustly reading text files organised into records separated using newlines as it contains built in buffer overflow protection. Data can be input using fgets() into a character string, validated to ensure the correct number and types of data items are present and then read from the string into local program variables of the appropriate types using sscanf().

8 fgetc and putc These functions are the file-enabled equivalents of getchar() and putchar(). They are used to read and write single characters from and to files respectively. getc() returns EOF if an attempt is made to read beyond the end of file. c=getc(in); is the equivalent of fscanf(in,"%c",&c); and putc(c,out); is the equivalent of fprintf(out,"%c",c);.

9 Copying file one character at a time

10 Parsing a Token Delimited Record Use of the strtok() function in stdlib.h helps make this job a bit easier. The idea is to convert field delimiters into '\0' null characters. Strtok is passed and returns the address of the start of field 1. For fields >= 2 you can either pass it a NULL instead, when it will automatically calculate the address of the start of the next string, unless you choose to calculate and pass the address of the start of the next string and so on. These string addresses can be stored in an array of char pointers for use later. This technique can be used to input fields which include unknown numbers of space and tab (\t) characters.

11 Warning concerning strtok strtok() modifies the string it parses, by replacing field delimiters with '\0' NULL byte characters. If this is a problem, clone the string first using strcpy() and then parse the clone. E.G. char *clone; /* using malloc() to avoid buffer overrun */ if( (clone = (char*) malloc(sizeof(char)*(strlen(original)+1)))‏ == NULL ) exit(1); /* error if insufficient memory strcpy(clone,original); /* must remember to free(clone) later */

12 strtok example program

13 strtok program output Name: Joseph Smith Weight: 64.300000 Age: 25

14 A thread-safe strtok The static pointer variable value used internally within strtok() won't survive concurrent use in a multi-threaded application. If this is a problem, you can use the re-entrant version strtok_r(), prototype defined in the POSIX.1-2001 standard as follows: char *strtok_r(char *str, const char *delim, char **saveptr); The saveptr has to be passed the address of a pointer variable declared within the caller function, which enables the position within the string being parsed to be remembered between function calls.

15 Input Validation Approaches Is input likely to be perfect, clumsy or hostile ? Perfect input assumes the person entering data will never use an incorrect key on the keyboard. The program is otherwise allowed to crash. Clumsy input is common for a stand-alone application. An application is fragile and less usable if it crashes e.g. due to casual use of the key by a user who hasn't read the prompt requesting input data correctly. Hostile input has to be assumed very likely if the application accepts input data from non-authenticated users over the Internet. A standalone application might later become a web-browser plugin.

16 Buffer Overflow Protection A buffer overflow occurs when a program writes beyond or outside allocated blocks of memory. Attackers may attempt to write specific data into the executable part of a program, e.g. vectoring execution into inserted code by overwriting a function return address (stack smashing). The allocated block might be an structure or character array, or a block allocated dynamically using malloc(). Many network programs are compromised through buffer overflows. fgets() allows the programmer to specify the maximum buffer size which it will overwrite. Careful programming is needed to ensure access can only be made within allocated memory.

17 Hostile input example A web-based calculator program reads data from an HTML form expected to be in the format: a op b, where a and b are numbers and b is an arithmetic operation e.g. +, -, * and /. A naive programmer has used a Perl or Python eval() function upon this input data and writes the result of the calculation to the web browser. Mr Evil Cracker tests for this possibility with the form input: open("/etc/shadow").read() This results in the output: Traceback (most recent call last): File "", line 1, in ? File "", line 0, in ? IOError: [Errno 13] Permission denied: '/etc/shadow'

18 Hostile input example 2 This shows that there is some rudimentary security on this system, as the webserver program is not running with the administrator privileges which would allow reading the shadow password file. Mr Evil Cracker hasn't got a crackable form of the password hash file yet, but he now knows that he can run any Python code on the target system with the permissions of the webserver program. As this allows him to create and execute other program files on this server, all he now needs is to find a local privilege escalation exploit, rather than a remote one. His chances of running a program giving him full control of this server are now much greater.

19 Check safe or dangerous input ? The problem with checking for dangerous input is that crackers will know things about your system that you don't. Therefore you don't really know what might be dangerous and what isn't so you can't easily check for specifically dangerous data. However, safe input is within the range of input values which you have designed your program to handle. If the required data is in the form of a string, what are the maximum and minimum string lengths, and what characters should be allowed in a string e.g. to input someones name or address ? You should reject anything not in your allowed designed and tested range of values, sending a suitable error message to the user so that input mistakes can be corrected.

20 Checking safe input numbers If you want to input numbers, you need to ensure that the data string input can be safely converted to a number. You want to consider what the range of acceptable numbers suitable for input to your program should be: Minimum and maximum values, avoiding numeric overflows. Whether integer or floating point. What the maximum acceptable string length is for each input. Numbers should always be input as strings and then validated and converted.

Download ppt "Parsing and Validating Text Input file opening and closing fprintf, fscanf and sscanf fgets and fputs fgetc and putc Parsing a Token Delimited Input Record."

Similar presentations

Introduction to C Programming

Introduction to C Programming
File Management in C. What is a File? A file is a collection of related data that a computers treats as a single unit. Computers store files to secondary.

File Management in C. What is a File? A file is a collection of related data that a computers treats as a single unit. Computers store files to secondary.
A C++ Crash Course Part II UW Association for Computing Machinery Questions & Feedback.

A C++ Crash Course Part II UW Association for Computing Machinery Questions & Feedback.
Functions, Varargs, and Stack Smashing Using the Stack for Good And Evil Before You Sit Down Please Get The Handout at the Entrance This file is called.

Functions, Varargs, and Stack Smashing Using the Stack for Good And Evil Before You Sit Down Please Get The Handout at the Entrance This file is called.
I/O means Input and Output. One way: use standard input and standard output. To read in data, use scanf() (or a few other functions) To write out data,

I/O means Input and Output. One way: use standard input and standard output. To read in data, use scanf() (or a few other functions) To write out data,
C Characters & Strings Character Review Character Handling Library Initialization String Conversion Functions String Handling Library Standard Input/Output.

C Characters & Strings Character Review Character Handling Library Initialization String Conversion Functions String Handling Library Standard Input/Output.
Character String Manipulation. Overview Character string functions sscanf() function sprintf() function.

Character String Manipulation. Overview Character string functions sscanf() function sprintf() function.
Character String Manipulation. Overview Character string functions sscanf() function snprintf() function.

Character String Manipulation. Overview Character string functions sscanf() function snprintf() function.
Lecture 20 Arrays and Strings

Lecture 20 Arrays and Strings
What is a pointer? First of all, it is a variable, just like other variables you studied So it has type, storage etc. Difference: it can only store the.

What is a pointer? First of all, it is a variable, just like other variables you studied So it has type, storage etc. Difference: it can only store the.
Strings CS240 Dick Steflik. What is a string A null terminated array of characters: char thisIsAString[10]; 0 1 2 3 4 5 6 7 8 9 \0 The “\0” (null character)

Strings CS240 Dick Steflik. What is a string A null terminated array of characters: char thisIsAString[10]; \0 The “\0” (null character)
Current Assignments Homework 5 will be available tomorrow and is due on Sunday. Arrays and Pointers Project 2 due tonight by midnight. Exam 2 on Monday.

Current Assignments Homework 5 will be available tomorrow and is due on Sunday. Arrays and Pointers Project 2 due tonight by midnight. Exam 2 on Monday.
BITS Pilani, Pilani Campus TA C252 Computer Programming - II Vikas Singh File Handling.

BITS Pilani, Pilani Campus TA C252 Computer Programming - II Vikas Singh File Handling.
File Management in C. A file is a collection of related data that a computers treats as a single unit. File is a collection of data stored permanently.

File Management in C. A file is a collection of related data that a computers treats as a single unit. File is a collection of data stored permanently.
Files in C Rohit Khokher. Files in C Real life situations involve large volume of data and in such cases, the console oriented I/O operations pose two.

Files in C Rohit Khokher. Files in C Real life situations involve large volume of data and in such cases, the console oriented I/O operations pose two.
1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.
© Copyright 1992–2004 by Deitel & Associates, Inc. and Pearson Education Inc. All Rights Reserved. 1 11.1 Introduction Data files –Can be created, updated,

© Copyright 1992–2004 by Deitel & Associates, Inc. and Pearson Education Inc. All Rights Reserved Introduction Data files –Can be created, updated,
 2007 Pearson Education, Inc. All rights reserved. 1 11 C File Processing.

 2007 Pearson Education, Inc. All rights reserved C File Processing.
Chapter 11 C File Processing Acknowledgment The notes are adapted from those provided by Deitel & Associates, Inc. and Pearson Education Inc.

Chapter 11 C File Processing Acknowledgment The notes are adapted from those provided by Deitel & Associates, Inc. and Pearson Education Inc.
Console and File I/O - Basics Rudra Dutta CSC 230 - Spring 2007, Section 001.

Console and File I/O - Basics Rudra Dutta CSC Spring 2007, Section 001.

Similar presentations

Ads by Google